12374 matches found
CVE-2026-23115 serial: Fix not set tty->port race condition
In the Linux kernel, the following vulnerability has been resolved: serial: Fix not set tty-port race condition Revert commit bfc467db60b7 "serial: remove redundant ttyportlinkdevice" because the ttyportlinkdevice is not redundant: the tty-port has to be confured before we call uartconfigureport,...
CVE-2026-23115
In the Linux kernel, the following vulnerability has been resolved: serial: Fix not set tty-port race condition Revert commit bfc467db60b7 "serial: remove redundant ttyportlinkdevice" because the ttyportlinkdevice is not redundant: the tty-port has to be confured before we call uartconfigureport,...
CVE-2026-23115 serial: Fix not set tty->port race condition
In the Linux kernel, the following vulnerability has been resolved: serial: Fix not set tty-port race condition Revert commit bfc467db60b7 "serial: remove redundant ttyportlinkdevice" because the ttyportlinkdevice is not redundant: the tty-port has to be confured before we call uartconfigureport,...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from incorrect competition conditions in serial drivers that prevent the correct setting of tty-port...
PT-2026-8108
In the Linux kernel, the following vulnerability has been resolved: serial: Fix not set tty-port race condition Revert commit bfc467db60b7 "serial: remove redundant tty port link device" because the tty port link device is not redundant: the tty-port has to be confured before we call uart configu...
Malicious code in console-style-pro0o0o0o (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0fe7407a5523ef7efe6bec615d9601fe978b9e5de59d19d7e8e2ff054c5e09e9 The package console-style-pro0o0o0o was found to contain malicious code. Source: ghsa-malware...
CVE-2026-2248
METIS WIC devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with root UID 0 privileges. This results in full system compromis...
CVE-2026-2249
METIS DFS devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with 'daemon' privileges. This results in the compromise of the...
Exploit for CVE-2026-2249
Overview The METIS DFS devices, specifically in versions lowe...
CVE-2026-2249
METIS DFS devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with 'daemon' privileges. This results in the compromise of the...
CVE-2026-2248
METIS WIC devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with root UID 0 privileges. This results in full system compromis...
CVE-2019-25309
Zilab Remote Console Server 3.2.9 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that wil...
CVE-2019-25309
The CVE-2019-25309 entry concerns Zilab Remote Console Server 3.2.9, which contains an unquoted service path vulnerability . This enables local attackers to potentially execute arbitrary code with elevated privileges by injecting a malicious executable into the unquoted binary path used by the se...
CVE-2019-25309 Zilab Remote Console Server 3.2.9 - 'Zilab Remote Console Server' Unquoted Service Path
Zilab Remote Console Server 3.2.9 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that wil...
CVE-2019-25309
Zilab Remote Console Server 3.2.9 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that wil...
CVE-2019-25309 Zilab Remote Console Server 3.2.9 - 'Zilab Remote Console Server' Unquoted Service Path
Zilab Remote Console Server 3.2.9 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that wil...
CVE-2026-2249 Unauthenticated Remote Command Execution via Web Console in METIS DFS
METIS DFS devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with 'daemon' privileges. This results in the compromise of the...
CVE-2026-2249 Unauthenticated Remote Command Execution via Web Console in METIS DFS
METIS DFS devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with 'daemon' privileges. This results in the compromise of the...
CVE-2026-2249
METIS DFS devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with 'daemon' privileges. This results in the compromise of the...
CVE-2026-2249
METIS DFS devices expose an unauthenticated web-based shell at /console, allowing remote command execution with daemon privileges on affected versions (